Security vulnerabilities of Internet facing systems can potentially have severe, wide-reaching implications for your organization. SMT with Cognosec’s certified ASV Scans will identify weaknesses and vulnerabilities as well as quantify their severity – allowing them to be managed efficiently and effectively. Doing so will

Fulfill the PCI DSS Requirement 11.2 for quarterly vulnerability scans performed by an ASV.

Provide proof of due diligence to regulators, customers and shareholders.

It is imperative that any individual capable of accessing information technologies in an organization understands the value of the resources at their disposal and their responsibility of keeping those resources from being abused. Careless or unaware individuals could potentially disrupt an organizations IT systems or accidentally allow for unauthorized access to systems.

To address PCI DSS requirements 12.5 and 12.6, which refer to the distribution of security polices throughout the company and the existence of a formal security program, SMT offers full support in the development of security policies and security awareness programs. The SMT Security Awareness Program is designed to help you raise the level of understanding of how important security is today, and to help you push responsibility throughout the company.

Variances between the PCI DSS and an organization’s currently established policies and practices detected in the gap assessment need to be addressed. Any entity that accepts payment card transactions must be compliant with all 12 elements of the PCI Data Security Standard.

Install and maintain a firewall configuration to protect cardholder data

Do not use vendor-supplied defaults for system passwords and other security parameters

Protect stored data

Encrypt transmission of cardholder data across open, public networks

Use and regularly update anti-virus software or programs

Develop and maintain secure systems and applications

Restrict access to cardholder data by business need-to-know

Assign a unique ID to each person with computer access

Restrict physical access to cardholder data

Track and monitor all access to network resources and cardholder data

Regularly test security systems and processes

Maintain a policy that addresses information security for all personnel

Many companies already have security standards and procedures in place, but as the world is conforming to one standard, a re-assessment is often necessary. A PCI Gap Assessment is an analysis on the variances between established security standards and those required by the PCI SSC for PCI certification.

About SMT

SMT strong team of highly qualified consultants, certified and well-trained technical engineers who are capable of understanding our customers’ needs in order to make sure providing them with right technology and world-class of services surrounding today’s Information Security Technology .

Newsletter

Subscribe to our newsletter and stay updated on the latest news and special offers!